AWSTemplateFormatVersion: "2010-09-09"

Description: >
  AWS Cloud Formation for creating an AWS CodePipeline that checks a git repo for changes and then performs a build using code build


Parameters:
  qsPipelineName:
    Description: The name of the AWS Code Pipeline
    Type: String
    Default: WG-pipeline
    MinLength: 1
  qsPipelineRoleARN:
    Description: The complete ARN to the IAM role that code pipeline should use
    Type: String
    MinLength: 1
  qsCodeRepo:
    Description: The Repository
    Type: String
    MinLength: 1
  qsRepoBranch:
    Description: The Branch in the Repository
    Type: String
    MinLength: 1
  qsGitHubUser:
    Description: The GitHub User Id
    Type: String
    MinLength: 1
  qsGitHubAPIToken:
    Description: The GitHub Personal Access token do not use password
    NoEcho: true
    Type: String
    MinLength: 1
  qsS3PipelineArtifacts:
    Description: Where Code Pipeline will state artifacts in S3
    Type: String
    MinLength: 1
  qsS3CodeBuildArtifacts:
    Description: Where Code Build will upload Artifacts can be same as codepipeline
    Type: String
    MinLength: 1
  qsCodeBuildName:
    Description: Name of the AWS Code Build
    Type: String
    Default: WG-mvnBuilder
    MinLength: 1
  qsKMSKeyARN:
    Description: The KMS ARN that the IAM Role is allowed to use
    Type: String
    MinLength: 1
  qsCodeRoleArn:
    Description: The IAM Role ARN for CodePipeline and CodeDeploy
    Type: String
    MinLength: 1



Resources:




  stkcbrCodeBuild:
    Type: AWS::CodeBuild::Project
    Properties:
      Artifacts:
        Type: CODEPIPELINE
      Description: Builds WebGoat Jar using build file in repo
      EncryptionKey: !Ref 'qsKMSKeyARN'
      Environment:
        ComputeType: BUILD_GENERAL1_SMALL
        Image: aws/codebuild/java:openjdk-8
        Type: LINUX_CONTAINER
      Name: !Ref 'qsCodeBuildName'
      ServiceRole: !Ref 'qsCodeRoleArn'
      TimeoutInMinutes: 10
      Source:
        Type: CODEPIPELINE



  stkcplPipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      Name: !Ref 'qsPipelineName'
      RoleArn: !Ref 'qsPipelineRoleARN'
      ArtifactStore:
        Location: !Ref 'qsS3PipelineArtifacts'
        Type: S3
      Stages:
        - Name: CodeRepo
          Actions:
            - Name: CodeSource
              ActionTypeId:
                Category: Source
                Owner: ThirdParty
                Provider: GitHub
                Version: 1
              Configuration:
                Branch: !Ref 'qsRepoBranch'
                Repo: !Ref 'qsCodeRepo'
                Owner: !Ref 'qsGitHubUser'
                OAuthToken: !Ref 'qsGitHubAPIToken'
              OutputArtifacts:
                - Name: MySource
              RunOrder: '1'
        - Name: Build
          Actions:
            - Name: CodeBuild
              ActionTypeId:
                Category: Build
                Owner: AWS
                Provider: CodeBuild
                Version: 1
              InputArtifacts:
                - Name: MySource
              Configuration:
                ProjectName: !Ref stkcbrCodeBuild
              OutputArtifacts:
                - Name: MyBuild
              RunOrder: '2'